TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulnCheck
Published: 2024-01-03T15:55:27.061Z
Updated: 2024-08-01T22:35:34.686Z
Reserved: 2024-01-03T14:21:17.583Z
Link: CVE-2024-21910
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-01-03T16:15:09.090
Modified: 2024-01-08T19:46:25.757
Link: CVE-2024-21910
Redhat
No data.